fix a bug in the check_your_permission_by_id_list() function

This commit is contained in:
SJ 2012-08-07 22:38:06 +02:00
parent babd0f31f5
commit bd3ca9eb21

View File

@ -463,9 +463,7 @@ class ModelSearchSearch extends Model {
$q = $q2 = ''; $q = $q2 = '';
$arr = $a = $result = $result2 = array(); $arr = $a = $result = $result2 = array();
if(count($id) < 1) { return array(); } if(count($id) < 1) { return array($result, $result2); }
if(Registry::get('auditor_user') == 1) { return $id; }
$arr = $id; $arr = $id;
@ -475,19 +473,25 @@ class ModelSearchSearch extends Model {
$q2 = preg_replace("/^\,/", "", $q2); $q2 = preg_replace("/^\,/", "", $q2);
if(Registry::get('auditor_user') == 0) {
while(list($k, $v) = each($_SESSION['emails'])) { while(list($k, $v) = each($_SESSION['emails'])) {
if(validemail($v) == 1) { if(validemail($v) == 1) {
$q .= ",?"; $q .= ",?";
array_push($a, $v); array_push($a, $v);
} }
} }
}
$q = preg_replace("/^\,/", "", $q); $q = preg_replace("/^\,/", "", $q);
if(Registry::get('auditor_user') == 1) {
$query = $this->db->query("SELECT distinct id, piler_id FROM " . VIEW_MESSAGES . " WHERE `id` IN ($q2)", $arr);
} else {
$arr = array_merge($arr, $a, $a); $arr = array_merge($arr, $a, $a);
$query = $this->db->query("SELECT distinct id, piler_id FROM " . VIEW_MESSAGES . " WHERE `id` IN ($q2) AND ( `from` IN ($q) OR `to` IN ($q) )", $arr); $query = $this->db->query("SELECT distinct id, piler_id FROM " . VIEW_MESSAGES . " WHERE `id` IN ($q2) AND ( `from` IN ($q) OR `to` IN ($q) )", $arr);
}
if($query->num_rows > 0) { if($query->num_rows > 0) {
foreach ($query->rows as $q) { foreach ($query->rows as $q) {